-
Content Count
7,578 -
Joined
-
Last visited
-
Days Won
190
itman last won the day on January 17
itman had the most liked content!
About itman
-
Rank
Expert
Profile Information
-
Gender
Male
-
Location
USA
Recent Profile Visitors
15,320 profile views
-
False "Website certificate is revoked" message
itman replied to hectorx's topic in ESET NOD32 Antivirus
One thing I am puzzled about is that Eset with default settings is supposed to warn and not block certificates with trust issues which is not happening: -
False "Website certificate is revoked" message
itman replied to hectorx's topic in ESET NOD32 Antivirus
Firefox most certainly does: https://support.mozilla.org/en-US/kb/secure-website-certificate . I would assume the same for Chrome and Edge. This article gets into more detail: https://www.ssl.com/article/how-do-browsers-handle-revoked-ssl-tls-certificates/ . Their test in regards to RSA DV certs. yielded the following: As long as FireFox has OCSP enabled which is the default for certificate checking, it will detect a revoked intermediate cert.. Chrome doesn't detect because of bugs it appears: Edge will detect as long as its default settings haven't been modified: -
False "Website certificate is revoked" message
itman replied to hectorx's topic in ESET NOD32 Antivirus
Something is not right here in regards to this certificate status. I went to the GlobalSign web site here: https://support.globalsign.com/ca-certificates/intermediate-certificates/domainssl-intermediate-certificates , and downloaded this cert.. I really don't believe GlobalSign would still list a revoked cert. on their web site. Further confirmed by viewing the cert. itself: Additionally note that the thumbprint of this cert. does not match that of that shown by the independent scan of the URL by SSLLabs: It appears to me that this URL, https://intranet.agricom -
False "Website certificate is revoked" message
itman replied to hectorx's topic in ESET NOD32 Antivirus
I will also note that this URL, https://www.agricom.cl/ , is OK. Appears to me that access is being attempted to an intranet domain of above via the Internet? -
Since there have been past complaints about Eset blocking IOBit web sites and software to boot, note the following also from the bleepingcomputer.com article. Obviously, the attacker used this vulnerability to exploit the IOBit web site.
-
Networkcard/Ethernet issue
itman replied to elle's topic in ESET Internet Security & ESET Smart Security Premium
Are you disabling the Ethernet network connection as noted below? https://www.addictivetips.com/windows-tips/disable-an-ethernet-connection-windows-10/ -
Elaborating on this attack, the details are as follows. The IOBit forum website was compromised by an attacker who gained admin access to the site. This allowed him to harvest e-mail addresses of forum users and plant a malicious download from the forum web site. The attacker then sent e-mails to IOBit forum users which stated they were the winners of a free one year license to an IOBit security product. At this point note that the e-mail would appear legit since the sender's address was legit. The following are excerpts from the bleepingcomputer.com article. The ransomware i
-
khairulaizat92 reacted to a post in a topic: IOBIT Forum Hacked
-
The main thing to know about this attack was Windows Defender was bypassed since the malware created exclusions in WD to allow its malicious .dll to run undetected. Kapersky also didn't stop files being encrypted by the ransomware portion of the attack. Per a malwaretips.com poster: Waiting until someone does a detailed analysis on this puppy.
-
A bit difficult to understand what you posted. Eset has three retail products with a firewall: 1. Internet Security 2. Smart Security Premium. 3. A legacy product called Smart Security. This has been superseded by Internet Security. Which of the above did you have installed previously? Which of the above did you recently install? Did you uninstall what you had installed previously prior to performing the new install?
-
You can make an inquiry as to pricing here: https://www.eset.com/my/business/windows-security/
-
ESET Endpoint Security 8.0.2028.0 blocking DNS on wired Ethernet
itman replied to conorc's topic in ESET Endpoint Products
The way to diagnose this is as follows: 1. Set Ethernet IPv4 connection back to Obtain DNS server automatically. 2. Reboot device or do via command prompt window, ipconfig /flushdns, ipconfig /release, and ipconfig /renew commands to reset IPv4 connection and acquire a new IPv4 lease. 3. Via command prompt window, enter ipconfig /all and note IPv4 DNS server assignment IP addresses. 4. Open Eset GUI and then Network protection. 5. Select Advanced. Then select Zones -> Edit. In the DNS section, do you see the same IPv4 DNS server addresses noted in the prior ip -
Are you referring to the Eset splash screen which just shows an image of Eset logo? If so, refer to below screen shot to disable its display at system start up time.